package com.aaa.Realm;

import com.aaa.entity.Student;
import com.aaa.service.StudentService;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;

public class StudentRealm  extends AuthorizingRealm {
    @Autowired
    private StudentService studentService;
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        //获取前端传过来的token信息
        UsernamePasswordToken token= (UsernamePasswordToken) authenticationToken;
        //从token中获取的用户名  根据用户名在数据库中查询用户对象
        String username = token.getUsername();

        Student stuname = studentService.getStuname(username);
        if (stuname == null){
            throw new UnknownAccountException("用户："+stuname+"不存在");
        }
        /**
         * dbUser.getUserName(), :从数据库中拿到的用户名
         * dbUser.getPassword(), 从数据库中拿到的密码
         * getName() 获取当前Realm的名字
         */
        //返回一个认证信息的一个实例
        SimpleAuthenticationInfo info= new SimpleAuthenticationInfo
                (stuname.getStuname(),stuname.getPassword(), ByteSource.Util.bytes(stuname.getStuname()),getName());
        return info;
    }

    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        return null;
    }
}
